Is your feature request related to a problem? Please describe.
When the service is self-hosted on a platform like Vercel, anyone can currently make requests to the publicly accessible endpoint to retrieve GitHub stats for any username. This can potentially expose unnecessary load or unintended use of the API, effectively turning it into a free service for others.
Describe the solution you'd like
Implement a filtering mechanism that checks if the requested username matches a USERNAME defined as an environment variable. If not, return an error message instead of the requested stats. This ensures that only the intended user’s stats are accessible via the self-hosted instance.
Describe alternatives you've considered
Here’s a suggested code snippet that can be added to the API endpoint. If the username does not match the USERNAME environment variable, it returns a friendly error rather than the stats:
```js
if (username !== process.env.USERNAME) {
  return res.send(
    renderError("Something went wrong", "This username is not permitted", {
      title_color,
      text_color,
      bg_color,
      border_color,
      theme,
    }),
  );
}
```
Additional context
This ensures that only the specified USERNAME (set via environment variables) can be used to access the stats when running the project as a self-hosted instance.
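An added example, not part of the original issue or the project's code: a fail-closed version of the same check that also handles a missing `username` parameter, an unset variable, and GitHub's case-insensitive logins. The helper names and the comma-separated form of `USERNAME` are assumptions made for this sketch.

```javascript
// Added example: fail-closed allow-list check for a self-hosted stats endpoint.
// Assumption: USERNAME holds one login or a comma-separated list of logins.

// GitHub logins: 1-39 characters, alphanumerics or single hyphens,
// with no leading or trailing hyphen.
const GITHUB_LOGIN = /^[a-z\d](?:[a-z\d]|-(?=[a-z\d])){0,38}$/i;

// Hypothetical helper: turn the raw variable into a set of lower-cased logins.
function parseAllowList(raw) {
  if (typeof raw !== "string") return new Set();
  return new Set(
    raw
      .split(",")
      .map((entry) => entry.trim().toLowerCase())
      .filter((entry) => GITHUB_LOGIN.test(entry)),
  );
}

// Hypothetical helper: true only when the requested login is on the allow-list.
function isUsernameAllowed(username, env = process.env) {
  // Query parsers may yield an array for a repeated parameter, or undefined
  // when it is absent. With a bare `username !== process.env.USERNAME`, a
  // missing parameter plus an unset variable compares undefined to undefined
  // and passes the check.
  if (typeof username !== "string") return false;

  const allowed = parseAllowList(env.USERNAME);
  // An unset, empty or malformed variable denies every request.
  if (allowed.size === 0) return false;

  // Logins are case-insensitive, so compare lower-cased values.
  return GITHUB_LOGIN.test(username) && allowed.has(username.toLowerCase());
}
```

In the endpoint, `if (!isUsernameAllowed(username)) { ... }` would take the place of the strict comparison and keep the same `renderError` response.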